ricardolb Posted August 5, 2019 Share Posted August 5, 2019 Hey guys, I am trying to reproduce youtube videos in an Unigui Application, I have it working to play the videos, the problem starts when I need to intercept the API events for when the State changes, eg: playback ended, playback stopped etc... I get a console message "Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/id' from origin 'https://www.youtube.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource." Is it possible to enable CORS in UniGUI? Has anyone done something similar? Thank you. Quote Link to comment Share on other sites More sharing options...
irigsoft Posted June 15, 2021 Share Posted June 15, 2021 On 8/5/2019 at 4:26 PM, ricardolb said: Hey guys, I am trying to reproduce youtube videos in an Unigui Application, I have it working to play the videos, the problem starts when I need to intercept the API events for when the State changes, eg: playback ended, playback stopped etc... I get a console message "Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/id' from origin 'https://www.youtube.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource." Is it possible to enable CORS in UniGUI? Has anyone done something similar? Thank you. Hello, did You succeed with this problem ? Quote Link to comment Share on other sites More sharing options...
andyhill Posted June 19, 2021 Share Posted June 19, 2021 Ditto Quote Link to comment Share on other sites More sharing options...
irigsoft Posted June 19, 2021 Share Posted June 19, 2021 Enabling CORS is possible in server side. Maybe this will help, from here: https://portswigger.net/web-security/cors/access-control-allow-origin or here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin , https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS procedure TUniServerModule.UniGUIServerModuleHTTPCommand //enable CORS (XMLHttpRequest) AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Origin', 'Server_URL'); AResponseInfo.CustomHeaders.AddValue('Access-Control-Expose-Headers', '"Location, Warning, Etag"'); AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Origin-Headers', '"Accept, Content-Type, If-None-Match, X-If-None-Match"'); AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Headers', '"Content-Type, If-None-Match, X-If-None-Match, Authorization"'); AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Credentials', 'true'); AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Methods', 'GET');//,POST, DELETE, HEAD, OPTIONS AResponseInfo.CustomHeaders.AddValue('Access-Control-Max-Age', '86400'); not tested !!! Quote Link to comment Share on other sites More sharing options...
irigsoft Posted June 20, 2021 Share Posted June 20, 2021 some explanation here: Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.